package com.bltec.emergency.common;

import com.bltec.emergency.model.Permission;
import com.bltec.emergency.model.Role;
import com.bltec.emergency.service.mgrService.PermissionService;
import com.bltec.emergency.service.mgrService.RoleService;
import com.bltec.emergency.service.mgrService.UserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.ArrayList;
import java.util.List;

public class MyRealm extends AuthorizingRealm {
    @Autowired
    private UserService userService;
    @Autowired
    private RoleService roleService;
    @Autowired
    private PermissionService permissionService;

    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(@NotNull PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        /*获取当前的用户名字*/
        String userName = (String) principalCollection.getPrimaryPrincipal();
        //获取当前用户的角色
        Role role = roleService.getRoleById(userService.getRoleIdByUserName(userName));
        //获取角色名字
        try {
            String roleName = role.getRoleName();
            //通知当前用户拥有的角色名字
            if (null != roleName) {
                info.addRole(roleName);
            }
            //定义一个存放权限代码的集合
            List<String> perCode = new ArrayList<String>();
            //获得当前角色的所有权限，并将权限代码存入perCodeLIST集合中
            List<Permission> permissions = permissionService.getAllPermissionByRoleId(userService.getRoleIdByUserName(userName));
            //通知shiro当前角色拥有的权限
            if (null != permissions && permissions.size() != 0) {
                for (Permission permission : permissions) {
                    perCode.add(permission.getPercode());
                }
                info.addStringPermissions(perCode);
            }
        } catch (Exception e) {
            System.out.println("没有对应角色或权限"+e.getMessage());
        }
        return info;
    }

    //认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //从token中获取信息
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();
        String password = userService.getPassWordByUserName(username);

        if (null == password) {
            throw new AuthenticationException("用户名错误");
        } else if (!password.equals(new String(token.getPassword()))) {
            throw new AuthenticationException("密码错误");
        }
        //组合一个验证信息
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(token.getPrincipal(), password, getName());
        return info;
    }

    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof UsernamePasswordToken;
    }
}
